CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-13269

A Reflected Cross-Site Scripting vulnerability allowed the execution of arbitrary Javascript code on the Static Site Editor in GitLab CE/EE 12.10 and later through 13.0.1

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.5%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13269.json
https://gitlab.com/gitlab-org/gitlab/-/issues/216528
https://hackerone.com/reports/864356
https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13269.json
https://gitlab.com/gitlab-org/gitlab/-/issues/216528
https://hackerone.com/reports/864356

Products affected by CVE-2020-13269

Gitlab » Gitlab » Version: 12.10.0

cpe:2.3:a:gitlab:gitlab:12.10.0
Gitlab » Gitlab » Version: 12.10.1

cpe:2.3:a:gitlab:gitlab:12.10.1
Gitlab » Gitlab » Version: 12.10.2

cpe:2.3:a:gitlab:gitlab:12.10.2
Gitlab » Gitlab » Version: 12.10.3

cpe:2.3:a:gitlab:gitlab:12.10.3
Gitlab » Gitlab » Version: 12.10.4

cpe:2.3:a:gitlab:gitlab:12.10.4
Gitlab » Gitlab » Version: 12.10.5

cpe:2.3:a:gitlab:gitlab:12.10.5
Gitlab » Gitlab » Version: 12.10.6

cpe:2.3:a:gitlab:gitlab:12.10.6
Gitlab » Gitlab » Version: 13.0.0

cpe:2.3:a:gitlab:gitlab:13.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-13269

Products

Pricing

Contact Us